chore: import upstream snapshot with attribution
This commit is contained in:
@@ -0,0 +1,687 @@
|
||||
/**
|
||||
* Security Tests
|
||||
*
|
||||
* Tests for P0/P1 security fixes:
|
||||
* - FileLock (cross-process locking)
|
||||
* - Path traversal prevention
|
||||
* - MCP input validation
|
||||
* - Atomic writes
|
||||
*/
|
||||
|
||||
import { describe, it, expect, beforeEach, afterEach } from 'vitest';
|
||||
import * as fs from 'fs';
|
||||
import * as path from 'path';
|
||||
import * as os from 'os';
|
||||
import { FileLock, validateProjectPath, validatePathWithinRoot } from '../src/utils';
|
||||
import CodeGraph from '../src/index';
|
||||
import { ToolHandler, tools } from '../src/mcp/tools';
|
||||
import { scanDirectory, isSourceFile } from '../src/extraction';
|
||||
import { DatabaseConnection, getDatabasePath } from '../src/db';
|
||||
import { QueryBuilder } from '../src/db/queries';
|
||||
|
||||
function createTempDir(): string {
|
||||
return fs.mkdtempSync(path.join(os.tmpdir(), 'codegraph-security-test-'));
|
||||
}
|
||||
|
||||
function cleanupTempDir(dir: string): void {
|
||||
if (fs.existsSync(dir)) {
|
||||
fs.rmSync(dir, { recursive: true, force: true });
|
||||
}
|
||||
}
|
||||
|
||||
describe('FileLock', () => {
|
||||
let tempDir: string;
|
||||
let lockPath: string;
|
||||
|
||||
beforeEach(() => {
|
||||
tempDir = createTempDir();
|
||||
lockPath = path.join(tempDir, 'test.lock');
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
cleanupTempDir(tempDir);
|
||||
});
|
||||
|
||||
it('should acquire and release a lock', () => {
|
||||
const lock = new FileLock(lockPath);
|
||||
lock.acquire();
|
||||
|
||||
expect(fs.existsSync(lockPath)).toBe(true);
|
||||
const content = fs.readFileSync(lockPath, 'utf-8').trim();
|
||||
expect(parseInt(content, 10)).toBe(process.pid);
|
||||
|
||||
lock.release();
|
||||
expect(fs.existsSync(lockPath)).toBe(false);
|
||||
});
|
||||
|
||||
it('should prevent double acquisition within same process', () => {
|
||||
const lock1 = new FileLock(lockPath);
|
||||
const lock2 = new FileLock(lockPath);
|
||||
|
||||
lock1.acquire();
|
||||
|
||||
// Second lock should fail because our PID is alive
|
||||
expect(() => lock2.acquire()).toThrow(/locked by another process/);
|
||||
|
||||
lock1.release();
|
||||
});
|
||||
|
||||
it('should detect and remove stale locks from dead processes', () => {
|
||||
// Write a lock file with a PID that doesn't exist
|
||||
// PID 99999999 is extremely unlikely to be a real process
|
||||
fs.writeFileSync(lockPath, '99999999');
|
||||
|
||||
const lock = new FileLock(lockPath);
|
||||
// Should succeed because the PID is dead
|
||||
expect(() => lock.acquire()).not.toThrow();
|
||||
|
||||
lock.release();
|
||||
});
|
||||
|
||||
it('should execute function with withLock', () => {
|
||||
const lock = new FileLock(lockPath);
|
||||
|
||||
const result = lock.withLock(() => {
|
||||
expect(fs.existsSync(lockPath)).toBe(true);
|
||||
return 42;
|
||||
});
|
||||
|
||||
expect(result).toBe(42);
|
||||
expect(fs.existsSync(lockPath)).toBe(false);
|
||||
});
|
||||
|
||||
it('should release lock even if function throws', () => {
|
||||
const lock = new FileLock(lockPath);
|
||||
|
||||
expect(() => {
|
||||
lock.withLock(() => {
|
||||
throw new Error('test error');
|
||||
});
|
||||
}).toThrow('test error');
|
||||
|
||||
expect(fs.existsSync(lockPath)).toBe(false);
|
||||
});
|
||||
|
||||
it('should execute async function with withLockAsync', async () => {
|
||||
const lock = new FileLock(lockPath);
|
||||
|
||||
const result = await lock.withLockAsync(async () => {
|
||||
expect(fs.existsSync(lockPath)).toBe(true);
|
||||
return 'async-result';
|
||||
});
|
||||
|
||||
expect(result).toBe('async-result');
|
||||
expect(fs.existsSync(lockPath)).toBe(false);
|
||||
});
|
||||
|
||||
it('should release lock even if async function throws', async () => {
|
||||
const lock = new FileLock(lockPath);
|
||||
|
||||
await expect(
|
||||
lock.withLockAsync(async () => {
|
||||
throw new Error('async error');
|
||||
})
|
||||
).rejects.toThrow('async error');
|
||||
|
||||
expect(fs.existsSync(lockPath)).toBe(false);
|
||||
});
|
||||
|
||||
it('release should be idempotent', () => {
|
||||
const lock = new FileLock(lockPath);
|
||||
lock.acquire();
|
||||
lock.release();
|
||||
// Second release should not throw
|
||||
expect(() => lock.release()).not.toThrow();
|
||||
});
|
||||
});
|
||||
|
||||
describe('Path Traversal Prevention', () => {
|
||||
let testDir: string;
|
||||
let cg: CodeGraph;
|
||||
|
||||
beforeEach(async () => {
|
||||
testDir = createTempDir();
|
||||
|
||||
const srcDir = path.join(testDir, 'src');
|
||||
fs.mkdirSync(srcDir);
|
||||
|
||||
fs.writeFileSync(
|
||||
path.join(srcDir, 'hello.ts'),
|
||||
`export function hello(): string { return "hi"; }\n`
|
||||
);
|
||||
|
||||
cg = CodeGraph.initSync(testDir, {
|
||||
config: { include: ['**/*.ts'], exclude: [] },
|
||||
});
|
||||
await cg.indexAll();
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
if (cg) cg.close();
|
||||
cleanupTempDir(testDir);
|
||||
});
|
||||
|
||||
it('should read code for valid nodes within project', async () => {
|
||||
const nodes = cg.getNodesByKind('function');
|
||||
const hello = nodes.find((n) => n.name === 'hello');
|
||||
expect(hello).toBeDefined();
|
||||
|
||||
const code = await cg.getCode(hello!.id);
|
||||
expect(code).toContain('hello');
|
||||
});
|
||||
|
||||
it('should return null for non-existent node', async () => {
|
||||
const code = await cg.getCode('does-not-exist');
|
||||
expect(code).toBeNull();
|
||||
});
|
||||
});
|
||||
|
||||
describe('Symlink escape prevention (#527)', () => {
|
||||
// An in-repo symlink whose logical path is inside the project root but whose
|
||||
// REAL target escapes the root must never be served. validatePathWithinRoot
|
||||
// is the chokepoint both content-serving read sinks go through (codegraph_node
|
||||
// includeCode + codegraph_explore source rendering), so it must resolve
|
||||
// symlinks, not just compare strings. realpathSync the roots so the test's own
|
||||
// expectations don't trip over /tmp -> /private/tmp on macOS.
|
||||
let root: string;
|
||||
let outside: string;
|
||||
|
||||
beforeEach(() => {
|
||||
root = fs.realpathSync(fs.mkdtempSync(path.join(os.tmpdir(), 'cg-root-')));
|
||||
outside = fs.realpathSync(fs.mkdtempSync(path.join(os.tmpdir(), 'cg-outside-')));
|
||||
fs.mkdirSync(path.join(root, 'src'));
|
||||
fs.writeFileSync(path.join(root, 'src', 'in.ts'), 'export const x = 1;\n');
|
||||
fs.mkdirSync(path.join(outside, 'pkg'));
|
||||
fs.writeFileSync(path.join(outside, 'pkg', 'secret.txt'), 'TOP-SECRET\n');
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
fs.rmSync(root, { recursive: true, force: true });
|
||||
fs.rmSync(outside, { recursive: true, force: true });
|
||||
});
|
||||
|
||||
// Symlink creation needs privileges on Windows; skip gracefully if it fails.
|
||||
const link = (linkPath: string, target: string): boolean => {
|
||||
try { fs.symlinkSync(target, linkPath); return true; } catch { return false; }
|
||||
};
|
||||
|
||||
it('allows a real file inside the root (and realpaths consistently)', () => {
|
||||
expect(validatePathWithinRoot(root, 'src/in.ts')).not.toBeNull();
|
||||
});
|
||||
|
||||
it('allows a not-yet-existing path inside the root (ENOENT — files about to be written)', () => {
|
||||
expect(validatePathWithinRoot(root, 'src/will-write.ts')).not.toBeNull();
|
||||
});
|
||||
|
||||
it('rejects a lexical ../ traversal out of the root', () => {
|
||||
expect(validatePathWithinRoot(root, `../${path.basename(outside)}/pkg/secret.txt`)).toBeNull();
|
||||
});
|
||||
|
||||
it('rejects an in-repo symlink to an out-of-root FILE', () => {
|
||||
if (!link(path.join(root, 'escape'), path.join(outside, 'pkg', 'secret.txt'))) return;
|
||||
expect(validatePathWithinRoot(root, 'escape')).toBeNull();
|
||||
});
|
||||
|
||||
it('rejects a path that escapes through an in-repo symlink to an out-of-root DIR', () => {
|
||||
if (!link(path.join(root, 'escapedir'), path.join(outside, 'pkg'))) return;
|
||||
expect(validatePathWithinRoot(root, 'escapedir/secret.txt')).toBeNull();
|
||||
});
|
||||
|
||||
it('still allows an in-repo symlink that stays WITHIN the root (no over-blocking)', () => {
|
||||
if (!link(path.join(root, 'src', 'inlink.ts'), path.join(root, 'src', 'in.ts'))) return;
|
||||
expect(validatePathWithinRoot(root, 'src/inlink.ts')).not.toBeNull();
|
||||
});
|
||||
|
||||
// The INDEXING read path opts into following in-root symlinks the directory
|
||||
// walk already descended into — discovery and the reader must agree, or files
|
||||
// reached via an in-root symlink-to-outside fail to index (#935). The lexical
|
||||
// `../` guard is NOT waived, and content-serving sinks never pass the flag.
|
||||
it('allowSymlinkEscape follows an in-repo symlink to an out-of-root FILE (indexing read)', () => {
|
||||
if (!link(path.join(root, 'escape'), path.join(outside, 'pkg', 'secret.txt'))) return;
|
||||
expect(validatePathWithinRoot(root, 'escape', { allowSymlinkEscape: true })).not.toBeNull();
|
||||
});
|
||||
|
||||
it('allowSymlinkEscape follows a path through an in-repo out-of-root DIR symlink (indexing read)', () => {
|
||||
if (!link(path.join(root, 'escapedir'), path.join(outside, 'pkg'))) return;
|
||||
expect(validatePathWithinRoot(root, 'escapedir/secret.txt', { allowSymlinkEscape: true })).not.toBeNull();
|
||||
});
|
||||
|
||||
it('allowSymlinkEscape STILL rejects a lexical ../ traversal (guard not waived)', () => {
|
||||
expect(
|
||||
validatePathWithinRoot(root, `../${path.basename(outside)}/pkg/secret.txt`, { allowSymlinkEscape: true })
|
||||
).toBeNull();
|
||||
});
|
||||
|
||||
it('end-to-end: getCode never serves an out-of-root file reached via a dir symlink', async () => {
|
||||
fs.writeFileSync(path.join(outside, 'pkg', 'leak.ts'),
|
||||
'export function leaked() { return "LEAKED-ZZZ-9"; }\n');
|
||||
if (!link(path.join(root, 'vendored'), path.join(outside, 'pkg'))) return;
|
||||
|
||||
const cg = CodeGraph.initSync(root, { config: { include: ['**/*.ts'], exclude: [] } });
|
||||
try {
|
||||
await cg.indexAll();
|
||||
// Whether or not extraction followed the dir symlink, NO node may ever
|
||||
// yield the out-of-root content through getCode.
|
||||
for (const n of cg.getNodesByKind('function')) {
|
||||
const code = await cg.getCode(n.id);
|
||||
expect(code ?? '').not.toContain('LEAKED-ZZZ-9');
|
||||
}
|
||||
} finally {
|
||||
cg.close();
|
||||
}
|
||||
});
|
||||
|
||||
it('end-to-end (#935): indexes source reached through an in-root dir symlink to outside', async () => {
|
||||
// The Dota custom-game layout symlinks `game/` and `content/` into an SDK
|
||||
// tree outside the repo. Before #935 the batch reader's strict symlink-escape
|
||||
// guard blocked every file under them, so nothing indexed — even though the
|
||||
// directory walk deliberately followed the symlink to enumerate them. The
|
||||
// reader now agrees with discovery: the file indexes.
|
||||
fs.writeFileSync(path.join(outside, 'pkg', 'vendored.ts'),
|
||||
'export function vendoredHelper() { return "LEAKED-ZZZ-9"; }\n');
|
||||
if (!link(path.join(root, 'game'), path.join(outside, 'pkg'))) return;
|
||||
|
||||
const cg = CodeGraph.initSync(root, { config: { include: ['**/*.ts'], exclude: [] } });
|
||||
try {
|
||||
await cg.indexAll();
|
||||
// The symlinked-in file is now part of the graph...
|
||||
const names = cg.getNodesByKind('function').map((n) => n.name);
|
||||
expect(names).toContain('vendoredHelper');
|
||||
// ...but its out-of-root contents are STILL never served (the #527 sink
|
||||
// stays strict — indexing relaxes only the read path, not getCode).
|
||||
for (const n of cg.getNodesByKind('function')) {
|
||||
expect((await cg.getCode(n.id)) ?? '').not.toContain('LEAKED-ZZZ-9');
|
||||
}
|
||||
} finally {
|
||||
cg.close();
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
describe('validateProjectPath — sensitive directory blocking', () => {
|
||||
// POSIX-only: on Windows '/etc' resolves to C:\etc (non-existent), not a
|
||||
// sensitive dir — the Windows case is covered by the win32-gated test below.
|
||||
it.runIf(process.platform !== 'win32')('blocks POSIX system directories (exact match)', () => {
|
||||
expect(validateProjectPath('/')).toMatch(/sensitive system directory/i);
|
||||
expect(validateProjectPath('/etc')).toMatch(/sensitive system directory/i);
|
||||
});
|
||||
|
||||
it('allows a normal, existing directory', () => {
|
||||
const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'cg-validate-'));
|
||||
try {
|
||||
expect(validateProjectPath(dir)).toBeNull();
|
||||
} finally {
|
||||
fs.rmSync(dir, { recursive: true, force: true });
|
||||
}
|
||||
});
|
||||
|
||||
// SENSITIVE_PATHS stores the Windows entries lowercase and validateProjectPath
|
||||
// matches via resolved.toLowerCase(), so 'C:\\Windows' and 'c:\\windows' are
|
||||
// both blocked. path.resolve is platform-specific, so this only runs on Windows.
|
||||
it.runIf(process.platform === 'win32')(
|
||||
'blocks Windows system directories regardless of case',
|
||||
() => {
|
||||
expect(validateProjectPath('C:\\Windows')).toMatch(/sensitive system directory/i);
|
||||
expect(validateProjectPath('c:\\windows')).toMatch(/sensitive system directory/i);
|
||||
expect(validateProjectPath('C:\\WINDOWS\\System32')).toMatch(/sensitive system directory/i);
|
||||
}
|
||||
);
|
||||
});
|
||||
|
||||
describe('MCP Input Validation', () => {
|
||||
let testDir: string;
|
||||
let cg: CodeGraph;
|
||||
let handler: ToolHandler;
|
||||
|
||||
beforeEach(async () => {
|
||||
testDir = createTempDir();
|
||||
|
||||
const srcDir = path.join(testDir, 'src');
|
||||
fs.mkdirSync(srcDir);
|
||||
|
||||
fs.writeFileSync(
|
||||
path.join(srcDir, 'example.ts'),
|
||||
`export function exampleFunc(): void {}\nexport class ExampleClass {}\n`
|
||||
);
|
||||
|
||||
cg = CodeGraph.initSync(testDir, {
|
||||
config: { include: ['**/*.ts'], exclude: [] },
|
||||
});
|
||||
await cg.indexAll();
|
||||
handler = new ToolHandler(cg);
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
if (cg) cg.close();
|
||||
cleanupTempDir(testDir);
|
||||
});
|
||||
|
||||
it('should reject non-string query in codegraph_search', async () => {
|
||||
const result = await handler.execute('codegraph_search', { query: null });
|
||||
expect(result.isError).toBe(true);
|
||||
expect(result.content[0].text).toContain('non-empty string');
|
||||
});
|
||||
|
||||
it('should reject empty string query in codegraph_search', async () => {
|
||||
const result = await handler.execute('codegraph_search', { query: '' });
|
||||
expect(result.isError).toBe(true);
|
||||
expect(result.content[0].text).toContain('non-empty string');
|
||||
});
|
||||
|
||||
it('should accept valid query in codegraph_search', async () => {
|
||||
const result = await handler.execute('codegraph_search', { query: 'example' });
|
||||
expect(result.isError).toBeFalsy();
|
||||
});
|
||||
|
||||
it('should clamp limit to valid range in codegraph_search', async () => {
|
||||
// Extremely large limit should still work (clamped to 100)
|
||||
const result = await handler.execute('codegraph_search', { query: 'example', limit: 999999 });
|
||||
expect(result.isError).toBeFalsy();
|
||||
});
|
||||
|
||||
it('should reject non-string symbol in codegraph_callers', async () => {
|
||||
const result = await handler.execute('codegraph_callers', { symbol: 123 });
|
||||
expect(result.isError).toBe(true);
|
||||
expect(result.content[0].text).toContain('non-empty string');
|
||||
});
|
||||
|
||||
it('should reject non-string query in codegraph_explore', async () => {
|
||||
const result = await handler.execute('codegraph_explore', { query: undefined });
|
||||
expect(result.isError).toBe(true);
|
||||
expect(result.content[0].text).toContain('non-empty string');
|
||||
});
|
||||
|
||||
it('should truncate oversized tool output', async () => {
|
||||
// Force a huge result set through codegraph_search; the response must be
|
||||
// truncated with the sentinel rather than flooding the agent's context.
|
||||
const many = Array.from({ length: 3000 }, (_, i) => ({
|
||||
node: {
|
||||
id: `n${i}`,
|
||||
name: `symbol_${i}_${'x'.repeat(40)}`,
|
||||
kind: 'function',
|
||||
filePath: `src/very/deep/path/file_${i}.ts`,
|
||||
startLine: 1,
|
||||
endLine: 2,
|
||||
language: 'typescript',
|
||||
},
|
||||
score: 1,
|
||||
}));
|
||||
const fakeCg = {
|
||||
searchNodes: () => many,
|
||||
};
|
||||
const fakeHandler = new ToolHandler(fakeCg as unknown as CodeGraph);
|
||||
|
||||
const result = await fakeHandler.execute('codegraph_search', { query: 'x' });
|
||||
|
||||
expect(result.isError).toBeFalsy();
|
||||
expect(result.content[0].text).toContain('... (output truncated)');
|
||||
});
|
||||
|
||||
it('should reject non-string symbol in codegraph_impact', async () => {
|
||||
const result = await handler.execute('codegraph_impact', { symbol: [] });
|
||||
expect(result.isError).toBe(true);
|
||||
});
|
||||
|
||||
it('should reject non-string symbol in codegraph_node', async () => {
|
||||
const result = await handler.execute('codegraph_node', { symbol: false });
|
||||
expect(result.isError).toBe(true);
|
||||
});
|
||||
|
||||
it('should reject non-string symbol in codegraph_callees', async () => {
|
||||
const result = await handler.execute('codegraph_callees', { symbol: {} });
|
||||
expect(result.isError).toBe(true);
|
||||
});
|
||||
|
||||
it('should handle NaN limit gracefully', async () => {
|
||||
const result = await handler.execute('codegraph_search', { query: 'example', limit: 'abc' });
|
||||
expect(result.isError).toBeFalsy();
|
||||
});
|
||||
|
||||
it('should handle negative limit gracefully', async () => {
|
||||
const result = await handler.execute('codegraph_search', { query: 'example', limit: -5 });
|
||||
expect(result.isError).toBeFalsy();
|
||||
});
|
||||
|
||||
// #230: getCodeGraph must reject a sensitive system directory passed as
|
||||
// projectPath before opening it. The error surfaces through execute()'s
|
||||
// catch as an isError result. /etc is sensitive on POSIX; C:\Windows on
|
||||
// Windows (path.resolve is platform-specific, so each case is gated).
|
||||
it.runIf(process.platform !== 'win32')(
|
||||
'rejects a sensitive POSIX projectPath (/etc) via the MCP handler',
|
||||
async () => {
|
||||
const result = await handler.execute('codegraph_search', {
|
||||
query: 'example',
|
||||
projectPath: '/etc',
|
||||
});
|
||||
expect(result.isError).toBe(true);
|
||||
expect(result.content[0].text).toMatch(/sensitive system directory/i);
|
||||
}
|
||||
);
|
||||
|
||||
it.runIf(process.platform === 'win32')(
|
||||
'rejects a sensitive Windows projectPath (C:\\Windows) via the MCP handler',
|
||||
async () => {
|
||||
const result = await handler.execute('codegraph_search', {
|
||||
query: 'example',
|
||||
projectPath: 'C:\\Windows',
|
||||
});
|
||||
expect(result.isError).toBe(true);
|
||||
expect(result.content[0].text).toMatch(/sensitive system directory/i);
|
||||
}
|
||||
);
|
||||
});
|
||||
|
||||
describe('Atomic Writes', () => {
|
||||
let tempDir: string;
|
||||
|
||||
beforeEach(() => {
|
||||
tempDir = createTempDir();
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
cleanupTempDir(tempDir);
|
||||
});
|
||||
|
||||
it('should not leave temp files on success', () => {
|
||||
// We test this indirectly through the config-writer module
|
||||
// by checking that no .tmp files remain after writing
|
||||
const configDir = path.join(tempDir, '.claude');
|
||||
fs.mkdirSync(configDir, { recursive: true });
|
||||
|
||||
const testFile = path.join(configDir, 'test.json');
|
||||
// Simulate what atomicWriteFileSync does
|
||||
const tmpPath = testFile + '.tmp.' + process.pid;
|
||||
fs.writeFileSync(tmpPath, '{"test": true}');
|
||||
fs.renameSync(tmpPath, testFile);
|
||||
|
||||
expect(fs.existsSync(testFile)).toBe(true);
|
||||
expect(fs.existsSync(tmpPath)).toBe(false);
|
||||
|
||||
const content = JSON.parse(fs.readFileSync(testFile, 'utf-8'));
|
||||
expect(content.test).toBe(true);
|
||||
});
|
||||
});
|
||||
|
||||
describe('Source file detection (isSourceFile)', () => {
|
||||
it('selects files by supported extension', () => {
|
||||
expect(isSourceFile('src/index.ts')).toBe(true);
|
||||
expect(isSourceFile('src/deep/nested/file.ts')).toBe(true);
|
||||
expect(isSourceFile('src/component.tsx')).toBe(true);
|
||||
expect(isSourceFile('lib/util.js')).toBe(true);
|
||||
expect(isSourceFile('src/main.py')).toBe(true);
|
||||
});
|
||||
|
||||
it('rejects unsupported extensions and extensionless files', () => {
|
||||
expect(isSourceFile('src/component.css')).toBe(false);
|
||||
expect(isSourceFile('README.md')).toBe(false);
|
||||
expect(isSourceFile('Makefile')).toBe(false);
|
||||
expect(isSourceFile('.gitignore')).toBe(false);
|
||||
});
|
||||
|
||||
it('matches regardless of leading dot directories', () => {
|
||||
expect(isSourceFile('.hidden/index.ts')).toBe(true);
|
||||
});
|
||||
});
|
||||
|
||||
describe('JSON.parse Error Boundaries in DB', () => {
|
||||
let tempDir: string;
|
||||
|
||||
beforeEach(() => {
|
||||
tempDir = createTempDir();
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
cleanupTempDir(tempDir);
|
||||
});
|
||||
|
||||
it('should not crash when node has malformed JSON in decorators column', () => {
|
||||
const dbPath = path.join(tempDir, 'test.db');
|
||||
const db = DatabaseConnection.initialize(dbPath);
|
||||
const queries = new QueryBuilder(db.getDb());
|
||||
|
||||
// Insert a node with malformed JSON in the decorators column
|
||||
db.getDb().prepare(`
|
||||
INSERT INTO nodes (id, kind, name, qualified_name, file_path, language, start_line, end_line, start_column, end_column, decorators, is_exported, is_async, is_static, is_abstract, updated_at)
|
||||
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
|
||||
`).run(
|
||||
'test-node-1', 'function', 'myFunc', 'myFunc', 'test.ts', 'typescript',
|
||||
1, 5, 0, 0,
|
||||
'{not valid json!!!}', // malformed decorators
|
||||
0, 0, 0, 0, Date.now()
|
||||
);
|
||||
|
||||
// Should not throw - should return node with undefined decorators
|
||||
const node = queries.getNodeById('test-node-1');
|
||||
expect(node).not.toBeNull();
|
||||
expect(node!.name).toBe('myFunc');
|
||||
expect(node!.decorators).toBeUndefined();
|
||||
|
||||
db.close();
|
||||
});
|
||||
|
||||
it('should not crash when edge has malformed JSON in metadata column', () => {
|
||||
const dbPath = path.join(tempDir, 'test.db');
|
||||
const db = DatabaseConnection.initialize(dbPath);
|
||||
const queries = new QueryBuilder(db.getDb());
|
||||
|
||||
// Insert two nodes first
|
||||
const insertNode = db.getDb().prepare(`
|
||||
INSERT INTO nodes (id, kind, name, qualified_name, file_path, language, start_line, end_line, start_column, end_column, is_exported, is_async, is_static, is_abstract, updated_at)
|
||||
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
|
||||
`);
|
||||
insertNode.run('node-a', 'function', 'funcA', 'funcA', 'a.ts', 'typescript', 1, 5, 0, 0, 0, 0, 0, 0, Date.now());
|
||||
insertNode.run('node-b', 'function', 'funcB', 'funcB', 'b.ts', 'typescript', 1, 5, 0, 0, 0, 0, 0, 0, Date.now());
|
||||
|
||||
// Insert edge with malformed metadata
|
||||
db.getDb().prepare(`
|
||||
INSERT INTO edges (source, target, kind, metadata)
|
||||
VALUES (?, ?, ?, ?)
|
||||
`).run('node-a', 'node-b', 'calls', 'broken json {{{');
|
||||
|
||||
// Should not throw - should return edge with undefined metadata
|
||||
const edges = queries.getOutgoingEdges('node-a');
|
||||
expect(edges.length).toBe(1);
|
||||
expect(edges[0].source).toBe('node-a');
|
||||
expect(edges[0].target).toBe('node-b');
|
||||
expect(edges[0].metadata).toBeUndefined();
|
||||
|
||||
db.close();
|
||||
});
|
||||
|
||||
it('should not crash when file record has malformed JSON in errors column', () => {
|
||||
const dbPath = path.join(tempDir, 'test.db');
|
||||
const db = DatabaseConnection.initialize(dbPath);
|
||||
const queries = new QueryBuilder(db.getDb());
|
||||
|
||||
// Insert a file with malformed errors JSON
|
||||
db.getDb().prepare(`
|
||||
INSERT INTO files (path, content_hash, language, size, modified_at, indexed_at, node_count, errors)
|
||||
VALUES (?, ?, ?, ?, ?, ?, ?, ?)
|
||||
`).run('test.ts', 'abc123', 'typescript', 100, Date.now(), Date.now(), 5, 'not-an-array');
|
||||
|
||||
// Should not throw - should return file with undefined errors
|
||||
const file = queries.getFileByPath('test.ts');
|
||||
expect(file).not.toBeNull();
|
||||
expect(file!.path).toBe('test.ts');
|
||||
expect(file!.errors).toBeUndefined();
|
||||
|
||||
db.close();
|
||||
});
|
||||
});
|
||||
|
||||
describe('Symlink Cycle Detection', () => {
|
||||
let tempDir: string;
|
||||
|
||||
beforeEach(() => {
|
||||
tempDir = createTempDir();
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
cleanupTempDir(tempDir);
|
||||
});
|
||||
|
||||
it('should handle symlink cycle without infinite loop', () => {
|
||||
// Create directory structure with a symlink cycle
|
||||
const srcDir = path.join(tempDir, 'src');
|
||||
fs.mkdirSync(srcDir);
|
||||
fs.writeFileSync(path.join(srcDir, 'index.ts'), 'export const x = 1;\n');
|
||||
|
||||
// Create a symlink from src/loop -> tempDir (parent directory)
|
||||
try {
|
||||
fs.symlinkSync(tempDir, path.join(srcDir, 'loop'), 'dir');
|
||||
} catch {
|
||||
// Skip test if symlinks not supported (e.g., Windows without admin)
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
// This should complete without hanging
|
||||
const files = scanDirectory(tempDir);
|
||||
|
||||
// Should find the real file but not loop infinitely
|
||||
expect(files).toContain('src/index.ts');
|
||||
// Should not find duplicates via the symlink path
|
||||
const indexFiles = files.filter(f => f.endsWith('index.ts'));
|
||||
expect(indexFiles.length).toBe(1);
|
||||
});
|
||||
|
||||
it('should follow valid symlinks to directories', () => {
|
||||
// Create source directory with a file
|
||||
const realDir = path.join(tempDir, 'real');
|
||||
fs.mkdirSync(realDir);
|
||||
fs.writeFileSync(path.join(realDir, 'hello.ts'), 'export function hello() {}\n');
|
||||
|
||||
// Create a symlink to realDir
|
||||
const srcDir = path.join(tempDir, 'src');
|
||||
fs.mkdirSync(srcDir);
|
||||
try {
|
||||
fs.symlinkSync(realDir, path.join(srcDir, 'linked'), 'dir');
|
||||
} catch {
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
const files = scanDirectory(tempDir);
|
||||
|
||||
// Should find files from both the real dir and via the symlink
|
||||
// But deduplicate since they resolve to the same real path
|
||||
expect(files.some(f => f.includes('hello.ts'))).toBe(true);
|
||||
});
|
||||
|
||||
it('should skip broken symlinks gracefully', () => {
|
||||
const srcDir = path.join(tempDir, 'src');
|
||||
fs.mkdirSync(srcDir);
|
||||
fs.writeFileSync(path.join(srcDir, 'valid.ts'), 'export const y = 2;\n');
|
||||
|
||||
try {
|
||||
fs.symlinkSync('/nonexistent/path', path.join(srcDir, 'broken'), 'dir');
|
||||
} catch {
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
// Should not throw
|
||||
const files = scanDirectory(tempDir);
|
||||
expect(files).toContain('src/valid.ts');
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user